From 2290408f6897f7ee7dbfbe3fa56d4002f0566b1d Mon Sep 17 00:00:00 2001 From: bbruns Date: Sat, 18 Dec 2010 21:15:57 +0000 Subject: [PATCH] Add code for detecting default external interface --- bin/firewall-sosdg | 5 +++++ include/static | 3 +++ options.default | 16 ++++++++++++++++ 3 files changed, 24 insertions(+) diff --git a/bin/firewall-sosdg b/bin/firewall-sosdg index 6286023..78b627d 100755 --- a/bin/firewall-sosdg +++ b/bin/firewall-sosdg @@ -104,6 +104,11 @@ if [ ! -x "$IP6TABLES" ] && [ $IPV6 == "1" ]; then exit 3 fi + +if [[ "$EXTIF" == "auto" ]]; then + EXTIF=$EXTIF_FIND +} + iptables_rules_flush ipv4 if [ -s "$BASEDIR/include/ipv4_custom_flush" ]; then diff --git a/include/static b/include/static index 3e45866..ae93856 100755 --- a/include/static +++ b/include/static @@ -66,3 +66,6 @@ IPTABLES_MULTIPORT=auto # Where we store output of cached rules RULE_CACHE=$BASEDIR/cache/ipt-rules RULE_CACHE_V6=$BASEDIR/cache/ipt6-rules + +EXTIF="auto" +EXTIF_FIND=`ip route | awk '/^default/{print $3}'` \ No newline at end of file diff --git a/options.default b/options.default index 7e1487f..a57b4c8 100755 --- a/options.default +++ b/options.default @@ -45,6 +45,22 @@ POSTRUN="$BASEDIR/conf/postrun" # where this server is providing services. #LANDHCPSERVER="eth0 eth1" +# Primary external interface +# Can be an interface name (ppp0, eth0) or auto +# which will try to detect the proper interface, +# but requires a default route to be properly setup +# first. +EXTIF="auto" + +# Pattern for finding the default external interface +# Pick one or create your own if the firewall script +# has problems figuring it out. +# +# Common patterns for getting default route: +# netstat -rn | awk '/^0.0.0.0/{print $8}' +# ip route | awk -F '/^default/{print $3}' +#EXTIF_FIND=`ip route | awk '/^default/{print $3}'` + # Internal Interface #INTINF=ppp+